﻿Imports System.Data.SqlClient
Public Class _Default
    Inherits System.Web.UI.Page


    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

        Session.RemoveAll()
    End Sub

    Public Sub Login(ByVal sender As Object, ByVal e As System.EventArgs)
        Dim strUserName, strSQL, strError As String
        Dim b As Boolean = False
        Dim dts As New DataSet
        strError = ("User Name or Password is invalid! Please check it again")

        strSQL = "SELECT * FROM [User] WHERE User_Number= '" & txtUserName.Text & "'"
        dts = CommonUtil.executeSQL(strSQL, "User")


        Dim dt As System.Data.DataTable = dts.Tables("User")

        If dt IsNot Nothing Then
            Dim dr As DataRow
            For Each dr In dt.Rows

                If dr("User_Expired") = "True" Then
                    b = True
                    strError = ("Your account is disable by Administrator")
                Else
                    b = True
                    strError = ""
                    If dr("User_Number") = txtUserName.Text And dr("User_Password") = txtPassword.Text Then
                        strUserName = dr("User_Name")
                        Session("userName") = strUserName
                        Session("User_Type") = dr("User_Admin")
                        Response.Redirect("Operation_Page.aspx", True)
                    Else
                        strError = ("User Name or Password is invalid! Please check it again")

                    End If
                End If
            Next
        End If
        If strError <> "" Then
            lblErrorMsg.Text = strError
            txtPassword.Text = ""
            txtUserName.Text = ""
            txtUserName.Focus()
        End If


    End Sub

End Class